Latest CVE Feed
-
10.0
HIGHCVE-2015-4883
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.... Read more
- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-4433
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more
- Published: Jul. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3127
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b... Read more
- Published: Jul. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3117
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers... Read more
- Published: Jul. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3072
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-... Read more
- Published: May. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3038
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2021-24026
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 coul... Read more
- Published: Apr. 06, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-0857
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.... Read more
- Published: May. 06, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0338
Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors.... Read more
- Published: Mar. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0333
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- Published: Mar. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0326
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknow... Read more
- Published: Feb. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute ar... Read more
- Published: Feb. 24, 2015
- Modified: May. 09, 2025
-
10.0
HIGHCVE-2014-9488
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.... Read more
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-8836
The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (arbitrary-size bzero of kernel memory) via a crafted app.... Read more
- Published: Jan. 30, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-8460
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159.... Read more
- Published: Dec. 10, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serializ... Read more
Affected Products : database_security- Published: Jun. 02, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-23857
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.... Read more
Affected Products : rexroth_indramotion_xlc_firmware rexroth_indramotion_mlc_l20_firmware rexroth_indramotion_mlc_l40_firmware rexroth_indramotion_mlc_l25_firmware rexroth_indramotion_mlc_l45_firmware rexroth_indramotion_mlc_l65_firmware rexroth_indramotion_mlc_l75_firmware rexroth_indramotion_mlc_l85_firmware rexroth_indramotion_mlc_xm22_firmware rexroth_indramotion_mlc_xm21_firmware +14 more products- Published: Oct. 04, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-23856
The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipulated URL.... Read more
- Published: Oct. 04, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2014-2978
The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds writ... Read more
- Published: Jun. 11, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-2171
Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796.... Read more
- Published: May. 02, 2014
- Modified: Apr. 12, 2025